Hong Kong: The Club Med or Club Fed Approach to Regulating SPAM: Hong Kong´s Dilemma

Last Updated: 23 September 2004
Article by Gabriela Kennedy and Katrina Partridge

Like almost everyone who uses e-mail, I receive a ton of spam every day. Much of it offers to help me get out of debt or get rich quick. It would be funny if it weren't so exciting.

Bill Gates, Microsoft

The Internet may have given us an unprecedented tool for locating and sharing information but it has also provided an unwelcome accomplice – unsolicited electronic commercial messages on a large scale, otherwise known as spam.

The Internet has provided us with a widely used communication tool in e-mail. Not all of us may surf the Net but many of us use e-mail to communicate. E-mail is nowadays an integral part of business communication. The more we have come to rely on its convenience and cost savings (with multiple e-mail accounts per person and more and more people around the world opening new domain accounts) - the more likely it was that we would open the doors to abuse of the technology. Some would say therefore that spam was, perhaps, inevitable.

The debate centres on the following question: in a borderless environment how can individual countries protect the privacy rights of their citizens whilst still allowing legitimate e-marketing to occur?

Despite the difficulties, a number of countries have taken steps to tackle the problem. Solutions range from the 'Club Med' styled approach of self-regulation to a more militant line that involves the quartet of public education, enhanced powers of ISPs, technological measures, and legislative provisions with considerable bite. Alas, this is no easy war; the law makers who attempt to fight spam are restrained by something that pre-dated the technology: jurisdictional borders.

This article examines Hong Kong's role in the global fight against spam. It asks whether proposed legislative measures will 'cure' the problem and, if legislation is the answer, what should be included within it.

Defining the problem

SPAM is defined as bulk e-mail messages or news articles sent via electronic mail without the recipients' prior request or consent.1

Whilst depressing news for many, the problem of "those e-mails" isn't set to go away any time soon. Of greater concern is the increasing prevalence of criminal activity (eg. phishing). The Hong Kong Internet Service Providers Association ("HKISPA") reports that Hong Kong spam now constitutes some 50% of e-mail handled by Hong Kong ISPs – a figure in line with international trends2. The problem is a global one. A recent survey of 5 million pieces of spam revealed that slightly less than 86% of spam originates in the US, 3% from South Korea, just under 3% from China and Hong Kong, a little over 2% from Canada and about 1.5% from the Ukraine. Of the IP addresses sending spam, 23% were from China and Hong Kong and another 4% were from Brazil.3

Spam comes at a price. In a recent White Paper4, the Hong Kong Anti-Spam Coalition outlined the tangible and intangible costs of spam on individuals and businesses, alike. These include: lower response rates; IT security issues; lack of storage space; waste of management time; more sluggish productivity; bandwidth cost; misused resources; decreasing opt-in rates; customer dissatisfaction; lower profitability; and user trust breakdown.

The White Paper puts the estimated cost of spam at approximately USD$9 billion annually in the United States and as much as HK$10 billion annually in Hong Kong.

Club Med or Club Fed

There is a well-known saying that "a successful person is one who can lay a firm foundation with the bricks that others throw at him." If we consider spam as the brick against Internet technology then building a firm foundation requires as much a commitment to develop a strong local stance as it does to developing a global one.

Spam has been described as a "social rather than a technological problem"5. One way of dealing with social problems that get out of control is to try and tame them by cracking the legislative whip.

A number of countries have implemented legislation to deal with the problem of spam.6 For comparative purposes we will focus on the US, European and Australian legislation. The United States introduced anti-spam legislation in early 2004. The Controlling the Assault of Non-Solicited Pornography and Marketing Act 2003 is colloquially referred to as the CAN-SPAM Act.

The CAN-SPAM Act covers commercial electronic messages (defined as an electronic mail message with the primary purpose of advertising or otherwise promoting a commercial product or service) but does not include 'transactional or relationship messages' ie. those messages with the primary purpose of facilitating commercial transactions, providing warranty or safety information, providing information relating to a pre-existing business or employment relationship or delivering goods and services according to an agreed transaction. The US Federal Trade Commission is currently defining a framework of rules to determine, inter alia, the "primary purpose" of an e-mail message. Under current proposals an e-mail would be considered primarily commercial if its purpose is solely to advertise or promote a product or service. If a message contains both commercial and non-transactional information then the subject line and also the location of "transactional or relationship" content within the body of the message would be taken into account together with the relative proportion of commercial versus non-commercial content in order to determine the "primary purpose" of the e-mail message.7

The CAN-SPAM Act imposes a number of requirements on marketers:

  • Advertisements must be clearly labeled;
  • Advertisements must include the sender's name, e-mail address, physical address and opt-out directions;
  • False or misleading information is prohibited;
  • Address harvesting and dictionary attacks are prohibited;
  • Sexual content (with some limited exceptions) is prohibited; and
  • Messages cannot be sent through proxies or with fraudulent return-paths and received lines.

If marketers do not comply with these criteria then they are at risk of falling within the scope of 'fraudulent spamming activities', and dependant upon the nature and gravity of their action/s would be potentially liable for fines of up to $6M and up to 5 years of jail time. Fraudulent activities can also be halted by ISPs who have been given significant power to seek injunctive relief and fines up to US$1M against offenders. This is certainly the Club Fed approach to penalties.

Whilst the US penalties are commendable, the legislature's approach to consent is open to debate. There are two approaches to consent as it relates to e-mail - express prior permission due to an existing relationship between the parties ('opt-in') or alternatively, non-permission based messages provided that recipients can choose not to receive further communication from the sender ('opt out').

The US CAN-SPAM Act adopts the 'opt out' approach. The opt-out approach is lauded by many as upholding the rights of legitimate marketers and also maintaining a closer affinity with an individual's right to free speech. However, from the perspective of spamming it is worth noting the research conducted by CipherTrust which shows that spammers have already relied on a legitimate loop hole in the legislation and now make it harder for recipients to unsubscribe from spam messages by including postal rather than e-mail addresses in their opt-out message.8

At a more basic level the opt-out provision allows insufficient protection to users in non-US countries from unsolicited US-generated e-mail. The amount of spam being generated from the US has actually increased since the enactment of the new law9 due to increased reliance on infected offshore proxies to 'hide' sender details. The effect such measures have on public trust as it relates to direct marketers cannot be understated. Equally, given the role of public education in the fight against spam, the opt-out rule does appear to stand at odds with educational efforts which recommend that recipients of spam e-mail should not reply to a spammer as such reply merely confirms the e-mail address.

In legislating against spam, Europe and Australia have adopted the opposite approach to consent and a wider definition of what constitutes spam. The EU Directive on Privacy and Electronic Communications (2002/58/EC) and the EU Directive on E-Commerce (2000/31/EC) define a 'commercial electronic messages' as including, in addition to e-mail, SMS, MMS and IM. If fraudulent activity or spamming is proved, sanctions are determined by the individual Member States but the latter Directive states at Article 20 that "such sanctions … shall be effective, proportionate and dissuasive". Similar to the US, the Directives require messages to be clearly labeled as an advertisement and to include the sender's name, physical address and opt-out directions. There are also prohibitions on disguising origin. The Directives and the Australian legislation – the Spam Act 2003 - adopt an opt-in approach to user consent. The Australian legislation also prohibits the use or circulation of harvesting addresses or harvesting tools.

Whilst the Australian and EU approach are stricter in terms of consent, they fall down when it comes to penalties. In the European Union the level of penalties varies from Member State to Member State depending on the provisions in such Member State. In the UK, for example, an offence at the Magistrate's level stands at £5,000 (US$9,112) and can be (in theory) referred to a higher court for a limitless fine, while in France penalties include a maximum fine of €90,000 (US$108,539) and a three year jail term. By contrast, the Australian SPAM Act imposes a US$156,219 penalty for a repeat offender (US$44,000 for a one off offence) or at an organizational level US$780,667 for a repeat offender (US$156,219 for a one off offence).

A Multi-Faceted Approach

Legislation in isolation will not curb the problem of spam. A multi-faceted approach to dealing with spam is the only effective way to target the issue as this allows privacy rights to be upheld whilst also promoting responsible online direct marketing. This multi-faceted approach should include voluntary codes of conduct, the use of technology and also public education.

Voluntary codes of conduct.

Codes of Conduct are becoming increasingly prevalent. In February 2000 the Hong Kong Internet Service Providers Association issued the Anti-Spam Code of Practice. In June 2004 a coalition of leading Internet Service Providers (Yahoo, Microsoft, EarthLink, America Online, British Telecom and Comcast) announced a proposal of best practices for sending and filtering email. Similarly in Australia, the Australian Direct Marketing Association ("ADMA") industry lobby produced a draft code of practice for members in August 2004. The Australian Code aims to reduce complaints about spam e-mail. In addition to the ADMA code, the Industry Association is working in conjunction with the South Australian and Western Australian Internet Associations on behalf of the Australian Communications Authority while the Australian Communications Industry Forum is developing anti-spam recommendations through its Piracy Advisory Group.

Technology

Technology has the ability to act as a surrogate police force via ISP controls, filters, cryptographic developments, sender ID, black lists and network management solutions (including authentication and technical tools) but Carl Hutzler10, Director of Anti-Spam at AOL admits that this is "an escalating technology war … and a high-level cat and mouse game".

There are a number of examples where the ISPs (who really are at the front line of spam given their role in relaying information across the Internet) and other companies reliant on the medium have demonstrated good corporate citizenship by working alongside their customers to safeguard them from further risk and cost. A recent example: eBay's Web Caller ID which allowed users to verify the authenticity of a Web Site. eBay released the tool to the public11 to protect them from the increased risk of phishing attacks by online perpetrators who set up websites in the guise of the well known online auctioneer. It's a step up from blacklist technology and another example of companies and the public working together to overcome the problem.

In the United Kingdom ISPs have adopted a code of practice that allows them to shut down e-commerce sites that distribute spam regardless of how and from were the spam was sent. The initiative is directed at stopping spammers hosting their e-commerce with a reputable ISP but sending spam from an alternative network. There is also precedent to the suggestion that global collaboration is possible. The London Internet Exchange ("LINX"), for example, introduced a Best Current Practice document ("BCP") on spam in 1999. The BCP received endorsement from RIPE, the Internet policy-setting body for more than 90 countries across Europe, the Middle East, Central Asia and Africa. By the Year 2000, the BCP had become the basis for an increasing number of anti-spam standards. In another promising move, the OECD countries have set up a task force to address spam at the global level; the task force recognizing that close international cooperation is essential in any attempt to contain spam. Other examples include the International Chamber of Commerce (ICC) that offers a global inventory of opt-out and reporting facilities in 26 countries and the SPAMHAUS Project which tracks the Internet's Spammers, Spam Gangs and Spam Services and works with global law enforcement agencies to locate and prosecute (where possible) spammers.

This mutual cooperation is integral if enforcement is to be effective (albeit potentially problematic given political tensions in some countries that may be reluctant to enforce deportation orders or indeed allow the requisite evidence to be collected from their jurisdiction).

The Role of Education

Any approach to spam needs to remain cognizant of the rapidly developing technologies behind it and the number of spammers who are as adept at side stepping the law as they are at developing new methods of reaching your in-box.

Educating consumers about their role in the fight against spam is an integral part of the process. Consumers need to: (i) understand what spam is and how to respond to it; (ii) understand what tools they have available to them on their PC's to filter and block spam (eg. Beysian filters and key word technology); (iii) be made aware of local services that can assist eg. OFTA and a number of service providers allow users to register their phone numbers on 'not-to-call' lists12; (iv) check ISP contracts to ensure they contain provisions pertaining to anti-virus protection and anti-spam features; and (v) have ready access to complaint channels.

Hong Kong

There is no legislation in place in Hong Kong that deals directly with spam. Hong Kong currently relies on industry self-regulation which includes initiatives by the following organisations:

  1. Hong Kong Internet Service Providers Association (HKISPA) [February 2000]: The Anti-SPAM Code of Practice;
  2. Mobile operators [December 2001]: The Code of Practice on Handling of Unsolicited Promotional IOSMS under the Code of Practice for Inter-Operator Short Message Service (IOSMS); and
  3. Local wire-line FTNS network operators [revised January 2004]: Code of Practice setting out the standard procedures for handling complaints against unsolicited fax advertisements.

In light of the growing cost to individuals and businesses alike, the call has increasingly been made to allow the law to assume a more prominent role.

Hong Kong Consultation Paper on Spam

In June 2004, in response to the growing problem of unsolicited email messages, OFTA released a Consultation Paper on Spam13. Views and comments should be submitted to the Government by 25 October 2004. In particular, the Government seeks comments on the following:

  1. The extent of the spam and the loss in monetary terms to individuals/business;
  2. The extent of industry co-operation and whether Codes of Practice should be voluntary or mandatory.
  3. The role and scope of a user education process
  4. Available technical solutions and their effectiveness; and
  5. The pros and cons of a legislative approach to combating spam.

Legislative framework in Hong Kong

Should Hong Kong choose to legislate against spam then there are a number of provisions within the existing Hong Kong legislative framework that provide some precedent value. No provision in existing legislation however, specifically tackles the issue of spam or can be interpreted to cover spam.

The following Ordinances provide limited guidance:

Summary Offences Ordinance (Cap 228) s.20 - deals specifically with telephone calls, or messages and telegrams.

Control of Obscene and Indecent Articles Ordinance (Cap. 390) – relates to content, specifically that which is obscene and indecent.

Personal Data (Privacy) Ordinance (Cap. 486) – s.34 is the closest Hong Kong has to a law that regulates direct marketing. Of note, from an anti-spam perspective, the provision refers to an "opt out" right which may have some influence on the longer term debate in Hong Kong regarding consent.

Telecommunications Ordinance (Cap. 106) s.27A – relates to hacking (rather than the act of sending spam).

Crimes Ordinance (Cap. 200) ss.59, 60 & 161(1) – deal with misuse of computers, destruction of property and accessing a computer with the intention to commit an offence (note however that these provisions were not intended to criminalize the act of sending spam email per se).

Existing research

In any move to draft local legislative measures it would also be remiss to overlook a large body of research already undertaken. In March 2000, in response to the increase in computer crimes cases14, the Government of the Hong Kong SAR established an Inter-departmental Working Group on Computer Related Crime ("the Working Group").

The Working Group, with representatives from various Government bureaux and departments, was tasked with studying the adequacy of Hong Kong legislation in dealing with computer and Internet crimes and identifying areas where changes would be required. In September 2000 the Working Group submitted a report of its findings. The report was released for consultation on 1 December 2000. The Report reported on the potential benefits of ISP collaboration given the use of accounting and session records in the investigation of offences. The Working Group therefore recommended that assistance should be given by ISPs to law enforcement agencies as follows:

  1. ISPs should check subscriber details at the time of registration; rather than introducing statutory provisions administrative guidelines to this effect (and compatible with the privacy safeguards contained in the Personal Data (Privacy) Ordinance) should be drawn up. The guidelines would specify the details that would be required at the point of opening an Internet account and the details that would need to be kept as long as the account is being maintained and for a reasonable period after the account is closed;
  2. ISPs should be encouraged to keep log records including the calling numbers as a good management practice but no mandatory requirement for all Internet transactions to be tracked by the caller line identification function or caller number display function should be adopted;
  3. Both the Government and ISPs should encourage Internet users to make use of PKI but this should not be a mandatory requirement;
  4. ISPs should keep log records for a reasonable period of time i.e. six months;
  5. As content providers, ISPs should be responsible for any contents they may provide but as carriers, ISPs should not be responsible for the contents of messages or sites they carry;
  6. Relevant Policy Bureaux should examine the feasibility of putting in place take-down procedures for infringing copyright material, gambling content and pornographic materials;
  7. As a multiple log-in facility carries some security risk, ISPs should be encouraged to set their system default to deny multiple log-in but only offer this facility as an option;
  8. ISPs and law enforcement agencies should improve their communications to encourage the exchange of ideas on cyber security.

While not all the suggestions in the Working Group would be appropriate, a careful review of the report would be advisable before any drafting of anti-spam legislation is embarked upon.

Finally, as mentioned above, the effectiveness of any anti-spam legislation very much depends, on the penalties imposed and the ease and willingness of authorities to enforce the laws15.

Section 113C of The Criminal Procedure Ordinance in Hong Kong outlines the range of fines from a level one offence ($1 to $2000) to a level 6 offence ($50,000 - $100,000). It is therefore interesting to consider that should Hong Kong adopt anti-spam legislation the potential penalties would be on par with the UK but well below those in other countries such as the United States of America.

Conclusion

Hong Kong, like every other country in the world, is facing an unprecedented challenge in the form of spam. The current system of self-regulation is fast proving an ineffective deterrent and legitimate direct marketers are at risk of losing public trust.

Whilst legislation may be an effective tool in dealing with the problem, the global nature of spam requires a multi-faceted approach to manage both the costs and privacy concerns it generates. A number of countries have already taken steps to tackle the problem and the precedent value these countries offer will assist Hong Kong in adopting a solution best tailored to local conditions.

© Gabriela Kennedy and Katrina Partridge (September 2004)
The authors are Partner and Professional Support Lawyer working in the TMT Group at Lovells in Hong Kong. For any questions regarding issues raised in this article please contact either author by clicking on the Lovells link at the top of this page.

Table 1: Anti-spam legislation by country

ASIA PACIFIC REGION

REGION

LEGISLATION

USER CONSENT

(OPT-IN / OPT-OUT)

SCOPE

RULES

PENALTIES

Korea

APITN16

OUT

Unsolicited commercial e-mail

Other electronic communications containing adult material

  • Clear labelling as an advertisement. Including the sender's name, e-mail address, physical address and opt-out directions
  • Transmission of e-mail to user who has opted-out is prohibited
  • Prohibition of harvesting

Fines up to KRW 10,000,000
(US$ 8,574)

Japan

Specific E-mail Law17

Commercial Transactions Law18

OUT

Unsolicited commercial e-mail

  • Clear labelling as an advertisement. Including the sender's name, e-mail address, physical address and opt-out directions
  • Transmission of e-mail to user who has opted-out is prohibited
  • Prohibition of dictionary attacks

Fines up to: JPY 500, 000
(US$ 4,549) for failure to comply with warning

Australia

The Spam Act 2003

IN

Commercial electronic messages
(e-mail, SS, MMS, IM)

  • Clear labelling as an advertisement. Including the sender's name, e-mail address, physical address and opt-out directions
  • The use or circulation of harvested addresses or harvesting tools is prohibited
  • There is an exemption for entirely factual mail

1st offence (individual):

AU$ 44, 000 (US$ 31,244) per day

Repeat offence (individual): AU$220,000 (US$ 156,219) per day

1st offence (organisation):

AU$220,000 (US$ 156,219) per day

Repeat offence (organisation): AUD1,100,000 (US$ 780, 667) per day

EUROPEAN UNION

REGION

LEGISLATION

USER CONSENT

(OPT-IN / OPT-OUT)

SCOPE

RULES

PENALTIES

The European Union

Privacy Directive19

E-Commerce Directive20

IN

Commercial Electronic Messages (e-mail, SMS, MMS, IM)

  • Clear labelling as an advertisement. Including the sender's name, e-mail address, physical address and opt-out directions
  • Prohibition on disguising origin
  • Opt-in consent except for an existing customer who has not opted-out.

Depends on Member State Legislation

Examples:

UK: £5,000 (US$ 9,112) at Magistrates court. Organisation can be referred to higher court for limitless fines.

Italy: up to €90,000 (US$108,539) and 3 years prison term

UNITED STATES OF AMERICA

REGION

LEGISLATION

USER CONSENT

(OPT-IN / OPT-OUT)

SCOPE

RULES

PENALTIES

U.S.A

CAN-SPAM Act 200321

OUT

Commercial electronic messages22

(not including 'transactional or relationship messages')23

  • Clear labelling as an advertisement. Including the sender's name, e-mail address, physical address and opt-out directions.
  • Prohibits false or misleading information
  • Prohibits address harvesting and dictionary attacks
  • Prohibits sexual content with some limited exceptions
  • FTC24 cases: fines up to US$11,000 per violation
  • State AG25 cases: injunctive relief and fines of up to US$250 per violation (maximum US$2 million)
  • ISP26 cases: injunctive relief and fines of US$25 per violation (maximum of US$ 1 million)
  • Attorney's fees
  • Up to 5 years prison sentence

Footnotes

1 Definition supplied by the Hong Kong Internet Service Providers Association (HKISPA) www.hkispa.org.hk

2 A Lake "Is spam an issue in HK? HKISPA's survey of ISPs", Paper presented at Anti-Spam Forum 'To Regulate or Not', 13 January 2004, Hong Kong. SPAMHAUS (www.spamhaus.org) in an article titled "Follow Australia" (19 July 2004) suggested that SPAM may constitute upwards of 76% of all e-mail.

3 G Gross "Survey: 86% of spam comes from the US", Computer World, August 12, 2004 www.computerworld.cm

4 STOP SPAM (Hong Kong Anti-Spam Coalition) White Paper "Legislation: One of the key pillars in the fights against spam", January 2004 http://www.asiadma.com/downloads/guidelines/pdf/100040/HK_Coalition_Position_Paper_v.7.0.pdf

5 As described by David Crocker, one of the founders of e-mail and a leader in promoting Internet standards for more than thirty years.

6 See Appendix 1

7 R Lieb "FTC Seeks Comments on 'Primary Purpose' of E-mail, 11 August 2004 www.clickz.com/news a

8 G Gross "Survey: 86% of spam comes from the US", Computer World, August 12, 2004 www.computerworld.cm

9 S Olsen "US Cooks up Most Spam", CNET News.com, August 24, 2004 http://news.com/2100-1024-5322803.html

10 Speech by Carl Hutzler, Director of Anti-Spam Operations, America Online Inc "Experiences with Spam in the US: Lessons for Hong Kong", Hong Kong General Chamber of Commerce, 7 September 2004

11 J Vijayan "Antiphishing tool adopted by eBay now available to general public", ComputerWorld (story #48811) www.computerworld.com 17 August 2004.

12 See also recent initiatives in the UK to tackle the problem of unsolicited telephone calls for direct marketing purposes. The Corporate Telephone Preference Service (CTPS) is a central opt-out register and was established on 25 June 2004. Further information can be downloaded at www.tpsonline.org.uk

13 "OFTA Consultation Paper, Proposals to contain the problem of unsolicited electronic messages", June 2004. http://www.ofta.gov.hk/junk-email/junk_email_eng.html

14 The report released by the Working Group states that the number of computer crime cases handled by the Police and the Customs and Excise Department increased from 21 cases in 1996 to 318 cases in 1999.

15 Consider for example the penalties imposed by Australian legislation. Fines exist of US$157,000 per day for individual repeat offenders and US$780,000 per day for organisations who repeatedly contravene the Spam Act which reflect the legislative intent that spam must be made uneconomical for the businesses perpetrating it. Compare with Japan and Korea whose fines of US$4,500 and US$8,500 respectively offer little incentive to deter commercial spammers. USA and Italy also include criminal penalties for serious offenders. Whether these are enforced remain to be seen.

16 Act on Promotion of Information and Telecommunication of Network Use and Protection of Personal Information

17 Law Regarding the Regulation of Transmission of Specific E-mail

18 Law Regarding Specific Commercial Transactions

19 EU Directive on Privacy and Electronic Communications (2002/58/EC)

20 EU Directive on E-Commerce (2000/31/EC)

21 Controlling the Assault of Non-Solicited Pornography and Marketing Act 2003

22 An electronic mail message with the primary purpose of advertising or otherwise promoting a commercial product or service

23 I.e. those messages with the primary purpose of facilitating commercial transactions, providing warranty or safety information, providing information relating to a pre-existing business or employment relationship or delivering goods/services according to an agreed transaction.

24 Federal Trade Commission: jurisdiction over instances of unfair or deceptive trade practices

25 State Attorney General: for cases of state-wide importance

26 Internet Service Provider: for cases where a particular provider is affected

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Authors
 
Some comments from our readers…
“The articles are extremely timely and highly applicable”
“I often find critical information not available elsewhere”
“As in-house counsel, Mondaq’s service is of great value”

Mondaq Advice Centre (MACs)
Up-coming Events Search
Tools
Print
Font Size:
Translation
Channels
Mondaq on Twitter
 
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
 
Email Address
Company Name
Password
Confirm Password
Mondaq Topics -- Select your Interests
 Accounting
 Anti-trust
 Commercial
 Consumer
 Criminal
 Employment
 Energy
 Environment
 Family
 Finance
 Government
 Healthcare
 Immigration
 Insolvency
 Insurance
 International
 IP
 Law Performance
 Law Practice
 Litigation
 Media & IT
 Privacy
 Real Estate
 Strategy
 Tax
 Technology
 Transport
 Wealth Mgt
Regions
Africa
Asia
Asia Pacific
Australasia
Canada
Caribbean
Europe
European Union
Latin America
Middle East
U.K.
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.

Disclaimer

Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.

Registration

Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.

Cookies

A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

Links

This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.

Mail-A-Friend

If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.

Security

This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at enquiries@mondaq.com.

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.